Sign up or log in to save this to your schedule and see who's attending!

MEAN is a free and open-source JavaScript software stack for building dynamic web sites and web applications and has gained momentum in the last years: - MongoDB, a NoSQL database - Express.js, a web application framework that runs on Node.js - Angular.js, a JavaScript MVC framework that runs in browser JavaScript engines developed by Google - Node.js, an execution environment for event-driven server-side and networking applications Every developer has heard of it and many organisations are moving their production applications to MEAN stack.

This one day training will teach you how web application vulnerabilities change in the MEAN stack. We are going to explore these technologies and talk about the main issues you can encounter while either assessing or writing MEAN applications: 1) Security Fundamentals and Implications of using MongoDB, Express.js Angular.js and Node.js 2) OWASP Top 10 in MEAN 3) Typical exploitation of MEAN and how to stop these attacks - NoSQL injections - Server-side JavaScript injections

This course will be 50% hands-on using: - Secure Code Warrior (https://www.securecodewarrior.com), a platform where software developers use hands-on learning to build secure-coding skills and are benchmarked versus their peers. A month full access to the SCW platform is included in the training. - OWASP NodeGoat (https://www.owasp.org/index.php/OWASP_Node_js_Goat_Project)

Jaap is coder, hacker and Chief Singh at Secure Code Warrior in Australia. After having done security testing at BAE Systems in Australia, he moved back to building great things instead of breaking them. He is one of the brains behind the Secure Code Warrior platform, mainly focussing... Read More →